Sharanya Arava

  • SAP Security Consultant
  • Philadelphia, PA
  • Member Since Jun 02, 2023

Candidates About

 

Sharanya Arava

SAP Security Consultant

Experience Summary:

-          SAP Certified Consultant with over 8 years of experience in SAP Security & GRC (Governance, Risk and Compliance)

-          Designing and building security model for SAP systems ECC, SLC, SRM, CRM, BI, BOBJ, HANA, Portal, PI and GRC systems. Worked with diverse business modules like PTP (Procure to Pay), RTR (Record to Report), OTC (Order to Cash), EAM (Enterprise Asset Management)

-          End to end ERP implementations, interacting with business to gather requirements, documenting functional & technical requirements, configuring the build, managing the transports through production, following SDLC & managing all the required documentation for project life cycle, coordinating the testing in all environments, provided hyper care & deployed necessary documentation for support team post implementation/upgrade

-          Implementing and managing security for reporting tools like SAP HANA DB, BOBJ (Business Objects), BW (Business Warehousing), BODS (Business Objects Data Services)

-          Deployed security strategy for integrating BW, BOBJ and HANA platforms

-          Managed security for BOBJ, created groups, custom access with advanced access rights, access levels for groups to secure the respective folders

-          Well versed in developing HANA security roles (repository and catalog) based on application, package, object, analytical, system privileges

-          Setting up security by Info area, Info cube, ODS, Info object, Query and Workbooks. Worked and implemented BI security based on new BI 7.0 analysis authorization concept

-          Implementing and upgrading GRC Access Control 10.0 Suite with all components – Access Risk & Analysis, User Access Management, Emergency Access Management and Business Role Management

-          Experience in working with SOLMAN for change management and incident management

-          Documenting SoX procedures for support systems. Drafted required SOPs based on the SoX requirements

-          Broad experience in maintaining single, composite, and derived roles using Profile Generator (PFCG) in R/3 systems, maintaining and supporting ECC authorizations

-          Managed SAP ECC & BI security implementation, designed roles based on tier architecture. Good experience in handling SU24 & SU25 changes. Adjusted the SU24 settings & values during ECC & BI NetWeaver upgrade.

-          Building security model for CRM systems, worked with functional team to design business & PFCG roles, integrated CRM systems to SAP EP for designing Web UI screens. Experience in managing users and roles in CRM, built roles based on the business roles, create business partner IDs, and map users to org unit.

-          Design security for SAP Enterprise Portal, built portal groups, roles, iViews, and pages. Integrated portal to various SAP and non SAP systems for Web UI.

-          Worked as Team coordinator/Team Lead managing the SAP Security team for support activities

-          Experienced in working with auditors in keeping the SAP systems audit compliant, good Understanding of SOD/SOX, User access review and remediation work based on audit findings, facilitating internal and external auditors. Documented internal and external SoX controls.

-          Very good knowledge of producing and analyzing reports in SAP using SUIM, and security related tables (AGR*, USR*, etc.)

-          Extensive experienced in resolving issues and troubleshooting security authorization problems while adhering to Service Level Agreements (SLA)

-          Experienced in documenting and adhering to the Change Management Process for transporting roles and tables, security objects

 

Education Summary:

-          Masters in Human resource management, Andhra University, Visakhapatnam, India

-          Bachelor of Science in Electronics & Computer Science, Andhra University, Visakhapatnam, India

 

Professional Experience:

Client: AmerisourceBergen, PA
Role:
Sr. SAP GRC Consultant
Environment:
GRC AC 10.1, Fiori, BOBJ, BODS (Info Steward), HANA
Duration: March 2017 to Jan 2018

Responsibilities:

-          Implement SAP GRC Access Control 10.1 suite to automate user provisioning, firefighter provisioning and access risk analysis

-          Follow validation guidelines and documentation practices required for validation

-          Identify and schedule the batch jobs for user, role and authorization synch.

-          Configure MSMP workflows for different user provisioning scenarios like new, change, terminate, lock and unlock user accounts, create complex BRF plus rules and workflows to meet the existing user management processes in AmerisourceBergen

-          Configure MSMP workflows for role management, design role methodologies and steps involved in role creation/modification, configure condition groups for approvals, configure user access review.

-          Build custom ABAP user accounts and roles in GRC for admins, security, managers and other approvers who are part of the workflows, apply correction notes for the bugs identified   .

-          Conduct meetings with business and functional teams to finalize rulesets, workflows and master data for user and role provisioning, role authorization and position matrix.

-          Implement emergency access management for handling fire call IDs, configure automatic workflows for managing emergency ID assignment and review of the firefighter logs, build firefighter IDs  in remote systems, identify FF owners and reviewers and schedule batch jobs for log generation

-          Review current AmerisourceBergen SAP GRC SoD ruleset to build the new custom ruleset that aligns to AmerisourceBergen business processes

-          Conduct business workshops with stakeholders and process owners to understand the AmerisourceBergen processes and existing system controls in place to prevent the fraud

-          Perform AmerisourceBergen ruleset benchmark using both transaction codes (tcodes) and permission values against industry standards and SAP rulesets in order to provide recommendations of modifications to the AmerisourceBergen ruleset

-          Organize workshops and gather input from business process and function owners on current and proposed state of SAP GRC SOD and SA risk rankings

-          Based on input from stakeholders, perform the design, build, and testing of adjustments to the SOD and SA ruleset in development and quality assurance GRC systems

-          Develop security model for reporting and analytics platform (BOBJ, BI, HANA & Fiori)

-          Implement security framework Fiori based reporting via HANA analytics and BOBJ based reporting with tools like Lumira & Analysis for Office (AO)

-          Developed roles for Info Steward reporting based out of BODS

-          Designed roles for HANA database to secure packages and views based on regulatory and corporate security policies

-          Developed complex analytical privileges to impose organizational restrictions on HANA database view (Calculation and Analytical)

 

Client: Apple, California
Role:
Sr. SAP Security Consultant
Environment:
SAP ECC 6.0, BI/BW, BOBJ, HANA, SRM, BPC, SLC, and GRC AC 10.X
Duration: August 2013 to Jan 2017

Responsibilities:

-          Provide security expertise for support and project operations that involve contact rollouts and acquisitions by Apple

-          Maintain security for SAP applications like ECC 6.0, BI/BW, BOBJ, HANA, SRM, BPC, SLC, GRC AC 10.1

-          Implement security for Apple’s newly deployed application SAP SLC (supplier lifecycle management). Design and build security roles for buyer side and seller side portals

-          Work with purchase teams to understand scope of SLC functionality and gather access requirements for suppliers and buyers. This efforts includes design, building, testing and deploying security roles

-          Design HANA database roles for sidecar implementations that involve in conducting workshops with IT teams, design and building roles for basis, developers and security teams

-          Support and maintain security for reporting tools like HANA, BOBJ and BW applications

-          Maintain Folder, Universe and Application level security in BOBJ. Create and maintain new access levels to accommodate evolving access needs

-          Develop BW roles and BOBJ groups to map BOBJ folder access to backend BW queries

-          Develop repository roles for HANA database and transport them across the landscape

-          Rollout SAP GRC Access Control 10.1 suite to other applications in the landscape for automate user provisioning, emergency access provisioning and access risk analysis

-          Configure MSMP workflows for different user provisioning scenarios like new, change, terminate, lock and unlock user accounts, create complex BRF plus rules and workflows to meet the existing user management processes in Apple.

-          Configure MSMP workflows for role management, design role methodologies and steps involved in role creation/modification, configure condition groups for approvals, and configure user access review.

-          Use automatic Profile Generator (PFCG) to create roles/profiles for SAP ABAP systems like ECC, BI, SRM, CRM, GRC, BPC

-          Added and deleted transaction codes from roles; Worked on creation of variant / parameter transaction codes from table maintenance or for a program.  Addition of transaction code to company menu

-          Analyze trace files and tracked missed authorizations for users access problems and update SU24 values to maintain necessary authorization in PFCG roles that are assigned to user

-          Support BW & BI systems, create & trouble shoot analysis authorizations, investigate the trace results from RSECADMIN

-          Co-ordinate Unit testing (UT), System Integration Testing (SIT), User Acceptance Test (UAT) for Roles and authorizations to ensure accuracy and segregation of duties as part of Support

-          Resolved security defects created by test scripts in HPQC and periodically used HPQC progress report to monitor defects

 

 

Client: Zimmer Biomet, New Jersey
Role:
Sr. SAP Security Consultant
Environment:
SAP ECC 6.0, BI/BW, and GRC 5.3
Duration: May 2011 to July 2013

Responsibilities

-          Involved in GRC Implementation & ECC Security rollout project for Qatar region, configured workflows for user provisioning, de-provisioning.

-          Configure & maintain GRC AC 5.3 tools - Risk Analysis & Remediation, Super user Privilege Management, Compliant user provisioning.

-          Designed Rulesets, Risk IDs, Mitigation controls & Workflow for RAR.

-          Designed firefighter mechanism as part SPM implementation and integration to CUP.

-          Design ECC roles for various job roles and analyzed the SODs. Worked towards remediation and mitigation user & role access.

-          Provided administrator and support services to Shell Gas GRC systems.

-          Troubleshoot and maintain the open requests in CUP tool initiated by business & IT users.

-          Schedule & monitor the batch jobs in GRC systems for user and role master record reconciliation.

-          Created, generated profiles, Authorizations, object classes, objects, and roles and assigned to user master.

-          As a Security controller in GRC 5.3, I have carried activities like monitoring the Emergency ID usage.

-          Have used GRC tools - RAR for checking the SODs and mitigating the users, CUP/SPM for user access review.

-          Extensively used Automatic Profile Generator (PFCG) to create roles/profiles for various modules such as HR, MM, and BI etc.

-          Transported profiles between clients within R/3 system and between R/3 systems; Performed transports and mass transports of roles. .

-          Used Derived activity groups to create new activity groups and to transfer transaction codes from old ones to new ones.

-          Added and deleted transaction codes from roles; Worked on creation of variant / parameter transaction codes from table maintenance or for a program.  Addition of transaction code to role menu and maintain the authorization.

-          Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes.

-          Effectively analyzed trace files and tracked missed authorizations in user master record

-          Performed user maintenance tasks, User creation, deletion, lock down, activation, password management tasks and ran various user administration reports.

-          Worked on CUA and LDAP as a security administrator.

-          Troubleshoot security/authorization related problems using SU53, ST01 and SUIM

-          Cleaning up of roles and profiles not being used.

-          Transported the generated roles and profiles using SAP transport management system.

-          Used Derived activity groups to create new activity groups and to transfer transaction codes from old ones to new ones.

 

 

Client: Volkswagen, India
Role:
SAP HR Admin
Environment:
SAP ECC & BW
Duration: June 2009 to April 2011

Responsibilities

-          Worked with Dynamic actions and info type’s tables.

-          Assigned users and roles to positions using both PFCG and PPOM_OLD. Create Context-sensitive Authorizations using P_ORGINXX

-          Assigned structural profiles to users using the program RHPROFL0

-          Maintained authorization profiles using OOSP. Worked with NWBC to fix Security related issues.

-          Setup and maintained Organizational Structure including Organizational Units, Jobs, Positions, Cost Center assignments etc.

-          Supported Structural Authorizations by Evaluation path method in the Org Structure.

-          Assigned tasks to positions and integrated all these into the enterprise organizational plan.

-          Assigned the various organization units and positions to cost centers.

-          Reviewed the Organization structure, jobs, roles and the SOD matrix for the Security developed in SAP and handled SOD conflicts for Sarbanes Oxley Compliance.

-          Supported audit team for generating audit reports as per the audit rules provided by the auditors

-          Worked with process experts for SOD conflicts and assigned appropriate roles to the users

-          Setting up SAP system for auto log-out, password length and expiration and specifying impermissible passwords.

-          Worked closely with Audit team for SAP Security Audit and generated Audit Information System logs.

-          Working closely with Audit team for user-role conflict removal in R/3

-          Perform regular system audits to detect deviations of established procedures, role mapping, unauthorized system activity and report findings to management

-          Supported Internal and External security audits in the production system·

-          Created Security reports as Key Controls for SOX including critical